<?php
     /**
      * CHILD FILE OF TOWN.PHP
      * */
     
    $c = getCharacterRecord($_SESSION['id']);                           /* GET CHAR INFO                */
    $store_type = $_GET['type'];
    $armor = getItemRec($c['armorId'],'armor');                         /* GET CHAR ARMOR INFO          */
    $weapon = getItemRec($c['weaponId'],'weapon');                      /* GET CHAR WEAPON INFO         */
    
     if($c['armorId'] == 0)                                                  /* SET ARMOR/WEAPON NAME =0?    */
         $armor['name'] = 'mangy clothes that were doing you no good anyways.';
    if($c['weaponId'] == 0)
         $weapon['name'] = 'you not using anything! HAHAH!';
         
    echo '<p>';                                                         /* ##### [SHOP SIGN] #####      */
    hr($settings['game'][$store_type.'_shop'],'1');
    echo '</p>';
   
    if(isset($_SESSION['msg']) && $_SESSION['msg'] > '')                /* ##### [ ERROR MSG ]#####     */
    {
        $msg = $_SESSION['msg'];
        lwriteln($msg);
        $_SESSION['msg'] = '';
    }
    elseif(isset($_GET['item']))                                        /* #####[ PURCHASING ITEM]####  */
    {
       $item_id    = $_GET['item'];                                     /* GET SELECTED ITEM ID         */
       $type       = $_GET['type'];                                     /* TYPE WEAPON/ARMOR            */
       /**
        * THIS SECTION ADDED FOR SECURITY,
        * IF SOMEONE BRUT-FORCED THE URL AND ID
        * */
       $sql = "SELECT * FROM $store_type WHERE id=$item_id";                              
        $query = $db->query($sql);
        $item = $query->fetch();
       $new_cost       = getItemRec($item['id'],'prices');         /* COST OF ITEM BEING BOUGHT       */
       $old_cost       = getItemRec($c[$store_type.'Id'],'prices');    /* VENDOR BUY PRICE FOR OLD ITEM   */
       
       /**
        * TODO: ADD URL SECURITY FOR THOSE THAT FORCE A HIGHER WEAPON
        * INDENTATION HAS BEEN LEFT FOR THIS PURPOSE....
        * */
           if($c[$store_type.'Id'] > 0)                                /* MAKE SURE ITS NOT ROOKIE STUFF  */
           {
               $c['gold'] += $old_cost['price'] * 0.5;
               update($_SESSION['id'], 'gold', $c['gold']);            /* GIVE PLAYERS OLD ITEM *.5       */
           }
           $c['gold'] -= $new_cost['price'];
           update($_SESSION['id'], 'gold', $c['gold']);                /* TAKE PLAYERS MONEY FOR NEW ITEM  */
           update($_SESSION['id'], $store_type.'Id',$item_id);         /* GIVE PLAYER THE NEW ITEM         */
            
           /**
            * TODO: MAKE LIST OF GOSSIP FOR THANKS VS ID OF ITEM
            * */
           
           lwriteln('`5"..Thank you for your purchase. I know you will benifit greatly from the `$'.$item['name'].'!!');
           lwriteln('`2But I did give you '.($old_cost * 0.5).'gp for your old ',false);
           if($store_type == 'armor')
                echo $armor['name'];
            else
                echo $weapon['name'];
    }
    else
    {
        
        lwriteln('`2'.$settings['locationIntro'][$store_type].' ',false);
        $settings['gossip'][$store_type] =
            str_ireplace('%s',$c['sex'] > 0?'lil miss':'kind sir',
                         $settings['gossip'][$store_type]
                         );
        lwriteln('`5"'.$settings['gossip'][$store_type].'"');
   }
   
   
   
   $sql = "SELECT * FROM $store_type";
   $query = $db->query($sql);
   
   echo '<p>
        <h2>'.strtoupper($store_type).'\'s LIST:</h2>
        <table><tr><td>';
   while ($item = $query->fetch())
   {
        $price = getItemRec($item['id'],'prices');
        // KLUDGE!! FIX LATER
        $cost = intval($price['price']);

        if($c['gold'] >= $cost) {echo '<a href="?loc=s&item='.$item['id'].'&type='.$store_type.'">';}
        
        lwriteln(listFormat('`2'.$item['name'], '`0'.number_format($price['price']),40));
        if($c['gold'] >= $cost){ echo '</a>';}
   }
   echo '</td></tr></table></p>';
    
?>

<script src="scripts/hotkeys.js" type="text/javascript"></script>
<script type="text/javascript">
	shortcut.add("d",function() {window.location.assign("?loc=b&trans=d");});
	shortcut.add("w",function() {window.location.assign("?loc=b&trans=w");});
	shortcut.add("t",function() {window.location.assign("?loc=b&trans=t");});
	shortcut.add("r",function() {window.location.assign("town.php");});
    
</script>
<p>
    
</p>
<p>
    <table>
        <tr>
            <td><a href="?loc=s&trans=b&type=<?=$store_type;?>"><?=lwriteln('`0(`5B`0)`2uy '.$store_type,false);?></a></td>
        </tr>
        <tr>
            <td><a href="?loc=s&trans=s&type=<?=$store_type;?>"><?=lwriteln('`0(`5S`0)`2ell '.$store_type,false);?></a> (Haggle)</td>
        </tr>        
        <tr>
            <td><a href="town.php"><?=lwriteln('`0(`5R`0)`2eturn to town');?></a></td>
        </tr>        
    </table>
</p>
<p>
    <?=lwriteln('`2Gold on hand: `0'.$c['gold']);?>
    <?=lwriteln('`2Current '.$store_type.'`$: `0'.($store_type=='armor'?$armor['name']:$weapon['name']));?>
    <?=lwriteln('`5'.$settings['game'][$store_type.'_shop'].'`8(b,s,r)');?>
</p>
<p>
    <?=lwriteln('`2Your choice `0'.$c['name'].': ',false);?>
</p>
<?php
    /* check for bank transaction  and show results */
    if(isset($_GET['trans']))
    {
        /** do they have money to work with */
        if($c['gold'] <= 0 && $_GET['trans'] == 'b')
        {
            lwriteln('`4"HEY! Waddaya tryin to pull! Come back when you have some gold.');
        }
        elseif($c[$store_type.'Id'] == 0 && $_GET['trans'] == 's')
        {
            lwriteln('`4"I am not interested in that '.$store_type.'.');    
        }
    }  
    
    
    
   
?>
